mina-dev mailing list archives

From "DevNull43 (JIRA)" <j...@apache.org>
Subject [jira] Commented: (FTPSERVER-349) WhiteList
Date Fri, 05 Mar 2010 01:09:27 GMT

    [ https://issues.apache.org/jira/browse/FTPSERVER-349?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12841634#action_12841634 ]

DevNull43 commented on FTPSERVER-349:
-------------------------------------

The only solution is to check if the List is empty and then ignore it. This works; however, I'm
concerned whether this can be a security breach:

WhiteList.java:

    private boolean isAllowed(IoSession session) {
        SocketAddress remoteAddress = session.getRemoteAddress();
        if (!whitelist.isEmpty()) {
            if (remoteAddress instanceof InetSocketAddress) {
                InetAddress address = ((InetSocketAddress) remoteAddress).getAddress();
                LOGGER.debug("Checking whitelist: " + address);
                // check all subnets
                for (Subnet subnet : whitelist) {
                    if (subnet.inSubnet(address)) {
                        LOGGER.debug("Allowed: " + address);
                        return true;
                    }
                }
            }
            // no subnet matched, or the remote address is not an IP socket address
            LOGGER.debug("Denied");
            return false;
        } else {
            // empty whitelist: the check is skipped and every session is allowed
            LOGGER.trace("No WhiteList configured");
            return true;
        }
    }

> WhiteList
> ---------
>
>                 Key: FTPSERVER-349
>                 URL: https://issues.apache.org/jira/browse/FTPSERVER-349
>             Project: FtpServer
>          Issue Type: Improvement
>          Components: Server
>    Affects Versions: 1.0.3
>            Reporter: DevNull43
>            Priority: Trivial
>             Fix For: 1.1.0
>
>         Attachments: WhiteList.txt
>
>
> WhiteList filter
> Restricting access to FTP based on a WhiteList
> BlackList -> Allow all, Deny some.
> WhiteList -> Deny all, Allow some.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
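
The concern raised in the comment above is that an empty list silently turns the filter off. As an added example (not code from the original message or from the FtpServer project), the sketch below separates "filter disabled" from "filter enabled with an empty list", so that an enabled whitelist with no entries denies every client. The class `WhitelistPolicy`, the `enabled` flag and the IPv4-only `Cidr` matcher (standing in for MINA's `Subnet`) are hypothetical names, and Java 16 or later is assumed.

```java
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.util.List;

// Added example: hypothetical class, not part of Apache FtpServer or MINA.
public class WhitelistPolicy {
    // Minimal IPv4 CIDR matcher standing in for MINA's Subnet class.
    record Cidr(int network, int mask) {
        static Cidr parse(String s) throws Exception {
            String[] p = s.split("/");
            int bits = Integer.parseInt(p[1]);
            int mask = bits == 0 ? 0 : -1 << (32 - bits);
            return new Cidr(toInt(InetAddress.getByName(p[0])) & mask, mask);
        }
        boolean contains(InetAddress a) {
            return a.getAddress().length == 4 && (toInt(a) & mask) == network;
        }
        static int toInt(InetAddress a) {
            byte[] b = a.getAddress();
            return (b[0] & 0xff) << 24 | (b[1] & 0xff) << 16 | (b[2] & 0xff) << 8 | (b[3] & 0xff);
        }
    }

    private final boolean enabled;       // explicit operator decision, never inferred from list size
    private final List<Cidr> whitelist;  // may legitimately be empty

    WhitelistPolicy(boolean enabled, List<Cidr> whitelist) {
        this.enabled = enabled;
        this.whitelist = List.copyOf(whitelist);
    }

    // Enabled with an empty list denies everyone: "deny all, allow some" with no "some".
    boolean isAllowed(SocketAddress remote) {
        if (!enabled) return true; // filter switched off on purpose
        if (!(remote instanceof InetSocketAddress isa) || isa.getAddress() == null) return false;
        return whitelist.stream().anyMatch(c -> c.contains(isa.getAddress()));
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample client address from the documentation range 192.0.2.0/24.
        SocketAddress client = new InetSocketAddress(InetAddress.getByName("192.0.2.10"), 21);
        System.out.println("disabled, empty list: " + new WhitelistPolicy(false, List.of()).isAllowed(client));
        System.out.println("enabled, empty list:  " + new WhitelistPolicy(true, List.of()).isAllowed(client));
        System.out.println("enabled, matching:    "
                + new WhitelistPolicy(true, List.of(Cidr.parse("192.0.2.0/24"))).isAllowed(client));
    }
}
```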